CVE-2017-13717
The CVE-2017-13717 issue affects Starry Station (Starry Router). The product exposes a webserver with Access-Control-Allow-Origin: *, enabling cross-origin requests from any hosted page. This misconfiguration allows an attacker to access device endpoints via the user’s browser, and, as described,...